Reduce runtime access token TTL to 30 mins by default #4058

Merged
merged 4 commits into from
Feb 27, 2024

Conversation

begelundmuller
Contributor

@begelundmuller begelundmuller commented Feb 15, 2024

  • Sets the TTL of JWTs issued for the UI and CLI to 30 minutes
    • This TTL can be overridden if necessary using the new access_token_ttl_seconds parameter for the AdminService.GetProject API
  • Keeps the default TTL of JWTs issued for embedding at 24 hours
    • This is necessary since embedders with low-risk use cases won't implement in-browser refresh, and users may keep a tab open for several hours or longer
    • Security-conscious embedders should implement in-browser token refresh and set a lower TTL
    • This TTL can be overridden by embedders using the ttl_seconds parameter for the AdminService.GetIFrame API

This PR should not be merged until #3876 is closed.

This PR closes https://github.com/rilldata/rill-private-issues/issues/115.

@begelundmuller begelundmuller self-assigned this Feb 15, 2024
@begelundmuller begelundmuller marked this pull request as draft February 15, 2024 14:05
@begelundmuller begelundmuller marked this pull request as ready for review February 27, 2024 10:37
@begelundmuller begelundmuller merged commit 9331c40 into main Feb 27, 2024
6 of 7 checks passed
@begelundmuller begelundmuller deleted the begelundmuller/lower-token-ttl branch February 27, 2024 10:53
himadrisingh pushed a commit that referenced this pull request Mar 1, 2024
* Reduce runtime access token TTL to 30 mins by default

* Maybe fix frontend

* Prettier
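
The in-browser token refresh that the PR description recommends for embedders who set a lower TTL, sketched as an added example that is not part of this pull request or the project's code. `fetchToken` (a call to the embedder's own backend that returns a fresh JWT) and `applyToken` (hands the token to the embedded view) are hypothetical callbacks, as are all function names below.

```javascript
// Added example; jwtExpiry, refreshDelayMs and startTokenRefresh are
// hypothetical helper names, not part of the project's API.

// Read `exp` from a compact JWT without verifying it. The browser only needs
// the expiry for scheduling; the server still validates the signature.
function jwtExpiry(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const payload = JSON.parse(atob(b64));
  if (typeof payload.exp !== "number") throw new Error("token has no exp claim");
  return payload.exp; // seconds since the Unix epoch
}

// Milliseconds to wait so the refresh happens `leadMs` before expiry.
// Returns 0 when the token is expired or already inside the lead window.
function refreshDelayMs(expSec, nowMs, leadMs = 60_000) {
  return Math.max(expSec * 1000 - nowMs - leadMs, 0);
}

// Keep a short-lived token fresh until the returned stop function is called.
function startTokenRefresh(fetchToken, applyToken, opts = {}) {
  const { leadMs = 60_000, retryMs = 5_000 } = opts;
  let stopped = false;
  let handle = null;

  async function tick() {
    if (stopped) return;
    let delay = retryMs; // used when the fetch or the token parse fails
    try {
      const token = await fetchToken();
      applyToken(token);
      // Floor at retryMs so a TTL shorter than leadMs cannot cause a hot loop.
      delay = Math.max(refreshDelayMs(jwtExpiry(token), Date.now(), leadMs), retryMs);
    } catch (err) {
      console.warn("token refresh failed, retrying", err);
    }
    if (!stopped) handle = setTimeout(tick, delay);
  }

  tick();
  return () => {
    stopped = true;
    clearTimeout(handle);
  };
}
```

With a 30-minute token and the default lead, the next refresh is scheduled 29 minutes after issuance; call the returned function when the embedded view is torn down.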